<?xml version="1.0" encoding="ISO-8859-1" ?>
<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1" import="java.util.*,java.io.*,java.sql.*,java.text.*, dbAccess.*"%>
    
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content
-Type" content="text/html; charset=ISO-8859-1" />
<title>Patient Create/Update Process</title>
<link rel="stylesheet" type="text/css" href="css_files/style.css" />
</head>
<body>
 <%
 
 	//create new patient
 	Staff newStaff = new Staff(session.getAttribute("Name").toString());
 	String action = request.getParameter("action");
 	String callerId = request.getParameter("callerId").toString();
 	
 	//if we're updating, set the current staffId
 	if ((action != null) && action.equals("update"))
 	{
 		//check if the update is from the staff member him/herself or from admin
 		if (callerId.equals("admin")) //staff member initiated update
 		{
 			//get and set patient ID
 			int staffId = Integer.parseInt(request.getParameter("sId").toString());
 			newStaff.setStaffId(staffId);
 			
 			//get SIN and password as these are the fields that a staff member can't update
 			DbAccess access = new DbAccess();
 			String querySIN = "select tbl_staff.SIN from tbl_staff where tbl_patient.StaffId = " + staffId;
 			String queryPassword = "select tbl_staff.Password from tbl_staff where tbl_staff.StaffId = " + staffId;
 			int SIN = 0;
 			String password = "unknown";
			
 			try
 			{
 			SIN = Integer.parseInt(access.ExecuteScalar(access.connect(),querySIN));
 			password = access.ExecuteScalar(access.connect(),queryPassword);
 			}
 			catch (Exception e)
 			{
 				//catch and move on
 			}
 			newStaff.setSIN(SIN);
 			newStaff.setPassword(password);
 		}
 		else //staff trying to update his/her info
 		{
 			newStaff.setStaffId(Integer.parseInt(session.getAttribute("staffId").toString()));
 			newStaff.setSIN(Integer.parseInt(request.getParameter("SIN")));
 			newStaff.setPassword(request.getParameter("Password"));
 		}
 	}
 	//if an admin is trying to add a new staff member
 	if ((action != null) && (action.equals("add")))
 	{
		newStaff.setSIN(Integer.parseInt(request.getParameter("SIN")));
		newStaff.setPassword(request.getParameter("Password"));
 	}
 			
  //tbl_patient
   newStaff.setFirstName(request.getParameter("fName"));
   newStaff.setLastName(request.getParameter("lName"));
   newStaff.setPhoneNum(request.getParameter("phoneNumber"));
   newStaff.setHomeAddress(request.getParameter("HomeAddress"));
   newStaff.setEmailAddress(request.getParameter("EmailAddress"));

   //tbl_patient
  newStaff.setDateOfBirth((java.sql.Date.valueOf(request.getParameter("DateOfBirth").toString())));
  if (request.getParameter("gender").equals("male"))
  {
  	newStaff.setGender("M");
  }
  else
  {
 	newStaff.setGender("F");
  }
  newStaff.setDocId((Integer)(session.getAttribute("DocId")));
  
  //if we are updating a new patient, we must check the default doctor as assigned by the staff person
  if (callerId.equals("patientListforStaff"))
  {
	  String doctorId = request.getParameter("cmbDoctor");
	  doctorId = doctorId.substring(doctorId.indexOf("-")+1);
	  newStaff.setDocId(Integer.parseInt(doctorId));
  }
  
  if (newStaff.registerStaff(action))
  {
 	 out.print(newStaff.getStatusMsg());
 	 newStaff.setStatusMsg("");
 	 
 	 //if a staff is updating his/her personal info reset session variables
 	 if ((action != null) && action.equals("update") && callerId.equals("staffHome"))
 	 {
 		session.setAttribute("patientId",newStaff.getStaffId());
		session.setAttribute("FirstName",newStaff.getFirstName());
		session.setAttribute("LastName",newStaff.getLastName());
		session.setAttribute("Phone", newStaff.getPhoneNum());
		session.setAttribute("EmailAddress",newStaff.getEmailAddress());
		session.setAttribute("HomeAddress",newStaff.getHomeAddress());
		session.setAttribute("Gender",newStaff.getGender());
		session.setAttribute("DateOfBirth",newStaff.getDateOfBirth());
 	 }
  }
  else
  {
  	out.print("Failed to create/update patient record: " + newStaff.getStatusMsg());
  	newStaff.setStatusMsg("");
  }
  //go back to calling page
  String backHome = callerId + ".jsp";
 %>
 <form id="frmback" action=<%=backHome %>>
 <input type="submit"  name="cmdStaffHome" id="cmdStaffHome" value="Okay"/>
 </form>

</body>
</html>